The Joint Parliamentary Committee report, along with the Data Protection Bill, 2021, was tabled in both houses of the Parliament on December 16 after two years of deliberations. Since the landmark Puttaswamy judgement in 2017, the government has been under an obligation to pass legislation to protect Indians’ personal data. Here’s our complete guide to the Data Protection Bill, 2021 We have identified the main points from the report below: No checks and balances on the Central Government's powers Power of DPA: The Central Government has been given absolute power to direct the Data Protection Authority (DPA) in all matters. In the 2019 draft, the authority was bound by the central government’s directions specifically ‘on questions of policy’. The committee said that the authority should be bound by the directions of the central government under all cases and not just on questions of policy. Exemptions for government bodies: The Central Government will have the authority to exempt any agency of the government from the provisions of the act, subject to just, fair, reasonable, and proportionate procedure. Agencies to be held liable: Particular ‘government data fiduciaries’ will be held liable for offences under the provisions of the act, instead of state departments or ministries. The earlier draft placed the liability directly on the ‘department or authority or body of the State’ which committed the offence. Personnel to be held liable: In case a government body commits an offence under the act, the head of office must conduct an in-house enquiry, and…
